Please read! RPC/DCOM exploit details

Discussion in 'Drum & Bass' started by sdm, Aug 12, 2003.

  1. sdm

    sdm This is Dog Fort

    Joined:
    Nov 29, 2001
    Messages:
    12,758
    Likes Received:
    17
    Just passing the details on - If this fucks up your PC, DNBforum takes no responsibility.

    :banana:
     
  2. freeagent

    freeagent Almost 30

    Joined:
    Jul 26, 2002
    Messages:
    1,894
    Likes Received:
    1
    Location:
    San Francisco, CA
  3. Time Dependant

    Time Dependant Jungle Hunter

    Joined:
    Apr 10, 2003
    Messages:
    2,174
    Likes Received:
    3
    Location:
    Time Dependant 2007
    I had this shit last night , appreciate the info man I'll get my PC sorted 2night
     
  4. Affliction

    Affliction thought size didnt matter

    Joined:
    Oct 31, 2002
    Messages:
    1,197
    Likes Received:
    0
    Location:
    Portsmouth, UK
    this one fucked me up last night.... turns out i was one of the first 11 people in the country to get this virus... which im weirdly proud of. Fuck knows how it got in though, ive got all the firewalls / virus scanners you could imagine :-/

    note to windows 2000 users... you need service pack 2 installed to run the patch
     
  5. Mulla

    Mulla Digital Future

    Joined:
    Mar 21, 2002
    Messages:
    2,163
    Likes Received:
    1
    Location:
    Bored at Work
    Ive just got that freebie Zonealarm program, hope no dirty worm slags try and get in my pc!!!
     
  6. freeagent

    freeagent Almost 30

    Joined:
    Jul 26, 2002
    Messages:
    1,894
    Likes Received:
    1
    Location:
    San Francisco, CA
    Windows RPC implementation is sorry as shit - anyone can write a buffer overflow on it.
     
  7. martin

    martin Member

    Joined:
    Apr 2, 2003
    Messages:
    196
    Likes Received:
    0
    i agree o_O
     
  8. zeeky deek

    zeeky deek Moaning all the time.

    Joined:
    Jan 10, 2003
    Messages:
    1,027
    Likes Received:
    2
    Location:
    London
    u wanna know annoyance?

    my beatch lil sister left my firewall off cos she was busy DLin films.... GRRRR!!!! got the virus innit, tryin my damndest to fix it now.

    sooooooo :alchy: off
     
  9. 1992

    1992 Novantadue

    Joined:
    Mar 4, 2002
    Messages:
    2,280
    Likes Received:
    1
    Location:
    NJ
    I just came here to post a thread like this but it appears Stu beat me to it.

    As I posted in Waffles, I just got my new PC running which is a Windows XP system (my old one was Win95). I was having a ball, surfing around the web and seeing all the icons pop up nice and fast untill about a half hour into my adventures I clicked on freeagent's freindster post when the now world famous message box popped up (only at the time I didn't know it was so famous and on the TV last night as my mother mentioned):

    [​IMG]
    (this is a gif image, not the real thing)

    I thought something was wrong with my computer for the longest time till I called DELL support and heard an automated message about the fact this wasn't a glitch in the OS but a Virus. I figured out how to get the patch and I updated my virus scaner. This took me about 3 hours when all was said and done.

    What blows me away is that this virus downloaded and ran on my new computer without any intervention from me at all. This isn't suppose to happen but it does on this Windows XP because of this retarted feature called "Automatic Update". My windows 3.1 machine and Windows 95 machine didn't have this "Automatic Update" so why the frikken hell does Microsoft think I need it now? I got along just fine without it and you know what? I'm not turning it back on!!! I wanted to turn it off when I got this computer last May but I figured since I wasn't hooked up to the internet then It didn't matter...... then look what happens... only a half hour of internet browsing and I get "Automaticly Updated with a VIRUS!" As you British would say..... "BRILLIANT!"

    I figured I aught to come back here and mention that I probably got it from this website somehow as thats when my computer first counted down to 0... But it looks like Stu figured this out already and I didn't read the message. Even if I did read the message I would never have beleived that a virus can actually download itself and run, all completely automated... Thats some serious hi-tech virus.

    I'll tell you one thing.... Windows 95 fucking ROCKS because no one writes viruses for that OS anymore. Thats why I was fine for the 2 days it circulated around the net as thats what I was using to surf.

    And who the hell is SAN? I'll tell you what I know.... I don't LUV him!

    Maybe I should set up a firewall? I never did in the past and I've been ok. I'm actually more upset with the 700 messages of spam in my email box every weekend while I'm at the shore. I need to get myself some sort of good free spam filter..... :/
     
    Last edited: Aug 13, 2003
  10. Charlie Van Pelt

    Charlie Van Pelt Charles N. Charge

    Joined:
    Aug 9, 2002
    Messages:
    280
    Likes Received:
    0
    Location:
    Toronto, Canada
    Re: Re: Please read! RPC/DCOM exploit details

    Be careful with that one. I had that firewall and Norton Antivirus 2002 at home; they used to cause a lot of problems together.

    After getting rid of both programs and installing new AV/firewall software from our ISP, the PC works like a dream.

    Chuck :drums:
     
  11. freeagent

    freeagent Almost 30

    Joined:
    Jul 26, 2002
    Messages:
    1,894
    Likes Received:
    1
    Location:
    San Francisco, CA
    Re: Re: Re: Please read! RPC/DCOM exploit details

    @1992, just use the XP firewall.

    Disconnect from the internet. Go to Start|Connect To|, then right-click your internet connection and select properties, and under the last tab, it should have a check-box to activate the firewall. This isn't the best firewall, but it will save you from that stoopid virus. Also, get the removal tool here:

    http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
     
  12. 1992

    1992 Novantadue

    Joined:
    Mar 4, 2002
    Messages:
    2,280
    Likes Received:
    1
    Location:
    NJ
    Re: Re: Re: Re: Please read! RPC/DCOM exploit details

    Done! Thanks. :broke_ima

    Been there done that. I have the patch and I removed WSBlast.exe The name of that virus reminds me of a Force Mass Motion record which has the sample "Techno Blast, Techno Blast, we have the Techno Blast".
     
  13. JimJapBap

    JimJapBap Member

    Joined:
    Jul 16, 2003
    Messages:
    236
    Likes Received:
    2
    i probed port 135 with that shit, it says stealth but i don't know what that means. So am i cool?